Cybersecurity: A new old fight

But the cybersecurity debate about to begin in the House this week is merely a more modern take on an old political fight: a classic lobbying battle set against the backdrop of a post-Sept. 11 struggle between privacy and security.

Story Continued Below

Virtually all of Washington believes the government and industry should exchange data about new cyberthreats — not unlike regulators in the not-too-distant past who shared a desire to find new methods of preventing terrorism.

In both debates, however, it’s always been about the details. And on cybersecurity, Congress, the White House, private companies and interest groups just don’t see eye to eye. Each side is lobbying hard to shape the final product as regulators realize it’s difficult to safeguard civil liberties while thwarting the sort of attacks that might darken a city or disrupt Wall Street trading.

“I think CISPA is an illustration of a growing challenge to accommodate national security and privacy in an increasingly electronically interconnected world,” said Rep. Adam Schiff (D-Calif.), one of the bill’s biggest skeptics.

The supporters of the House’s proposal — known as the Cyber Intelligence Sharing and Protection Act, or CISPA — believe their proposal already strikes that balance. Even if it doesn’t, they likely have the votes to advance their information-sharing bill past the chamber when it comes to the floor.

However, they face continued criticism from other corners of the Capitol and the White House, which in 2012 threatened to veto CISPA because of its privacy pitfalls. The bill still cleared the House last year.

“We’ve come a long way on dealing with privacy issues,” Rep. Dutch Ruppersberger (D-Md.), one of its chief authors, said in an interview with POLITICO. “Until we have a bill passed where we can share information, we cannot protect our country from these attacks.”

To many, the most significant threat comes from hackers believed to be located in China — an issue the administration said Saturday it would address more closely with its Chinese counterparts through a new working group.

Even as lawmakers cited those foreign threats, though, Congress failed repeatedly last year to advance meaningful cybersecurity reform. In the months to follow, President Barack Obama signed a limited executive order focused on the digital defenses of power plants, water systems and other entities deemed critical infrastructure.

The administration’s order isn’t a perfect substitute for a new law — a reality that has Congress ready to return to the debate and the House ready to return to CISPA. Much as they did last year, House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking Democrat Ruppersberger, its authors, have made key, privacy-focused changes to the bill: Their latest string of revisions would restrict how the government uses shared data while instituting new reporting requirements.

But the fundamental fight that scuttled CISPA in 2012 — its balance between privacy and security — certainly remains on the political main stage in 2013. As the tug of war resumes, its allies and opponents on and off Capitol Hill are mobilizing aggressively to drag CISPA closer to their camp.

Security-minded members of Congress are out defending the bill — with Rogers holding a series of exclusive, members-only briefings with interested lawmakers, POLITICO has learned, including one with Gen. Keith Alexander, the head of U.S. Cyber Command. Rogers was not available to comment for this story.